I have this tricky scenario and want so advice to you. My client have a website built in WordPress and a web application that was built in .Net 3.5 now they want me to integrate this too site by querying some information from the database that .Net is using and display the output on the said website.
Communication between the two site is complete and working fine using some DLL for PHP to integrate to MSSQL now the problem arises here, my don't want to expose he connection string on the website built on WordPress for security reason. Without this, I can't connect to the database and made some query so I propose some bright idea, using a web service to extract connection string from the web config of ASP.Net web application. Consuming of web service to PHP is working fine but the last issue is that the web service is expose in public. what I mean once the site launch online, the said web service is open to public and anyone can see thru the web config that my boss want to keep in secret (hehehe).
I'm already confuse on how to make the web service to be more secure. Below are some specification of the two websites.
WordPress Site
PHP based
Mysql
installed with php_pdo_sqlsrv_53_ts_vc9.dll and php_sqlsrv_53_ts_vc9.dll
nusoap (use to consume ASP.Net webservice)
Mysql for database using by WordPress
.Net Site
web service to extract connection string from web config
web reference added
MSSQL for database
Please let me know if you need more information regarding my problem.
TIA
you don't have to setup a web service for this. Just store the connection string in a php file outside of your web servers root directory (probably public_html) and then include that file within you plugin. You should hard-code the path, so that people with access to the setting can't use that functionality to spy on other files. Also make sure the web server service account has read access to that file.
That is a pretty safe setup as the file can't be directly accessed through the web.
Related
I wanted to move a website from a shared server to Google Cloud but I cannot wrap my head around it. Before giving up completely, I decided to make this question:
I already completed the Hello World tutorial (https://cloud.google.com/php/getting-started/hello-world). But what if I want to update the index.html file? Where would I find it?
I was expecting to see it in one of the storage Buckets, but that's not the case... even when installing a Kubernetes Engine.
If you decide to use Google App Engine Flexible (as the hello world sample app that you linked to) you need to understand the idea of this additional layer of abstraction over your server(s). App Engine Flexible is designed to make things easier for you - you focus on your code in your local machine where you modify it, update it and then with one command (gcloud app deploy) you instruct the App Engine to do one of the following:
start a VM (your server) and a Docker container with your app in it
if it's not already running
in case you are updating an existing app, it will update the code in the VM which is your server. If your app receives a lot of traffic, you may have more than one container and VM running and all of them will get updated.
Both things are presented schematically in the image in this section.
This way you can develop your app locally and not worry about actually getting inside the server with for e.g. ssh. Your code is there in those VM(s) and App Engine manages it for you (however, if you really need to, it is still possible to ssh into the VM in App Engine Flex environment).
If you have a static website, it can be hosted in the Storage buckets, which is a different scenario. However, as you're using PHP I assume it's more likely that your website is dynamic.
I have been trying to access a mysql in a jboss eap application from a wordpress application in Openshift environment. I followed this blog post on this subject and prepared a php file on the wordpress server with $dbhost, $dbuser, $password point to the database in my jbosseap app. Unfortunately, it did not work. Each time I got a "no route to host" error. However, if I point the database to that in the wordpress app, i.e. local database, it worked perfectly.
I am wondering if there must be additional step(s) to execute when the php script and the database are in different Openshift applications?
I've ha same problem following this guide https://blog.openshift.com/sharing-database-across-applications/,
the solution is writen even there:
Step 1: Create an application with a database
We will create a scalable PHP application using a MySQL database cartridge. In non-scalable applications, the database will be installed in the same
gear as the application. In this case we want the database to be accessible from other gears. So creating a scalable application ensures that the database runs in its own gear that can be accessed from other gears.
Here
http://www.hfaber.com/post/135256827109/openshift-sharing-database-across-applications
After talking to some people in Redhat, I concluded that it is not possible to share database accesses between different applications in Openshift environment. You may see some technical documents which show how to do it, but that is for Openshift/Redhat internet environments, not for regular customers of Openshift.
At the end, I used webservices to provide sharing of DB accesses between applications.
The investigation was in August 2015. Hope it will or has changed
I have an application that retrieves some info and give them to user from a certain public website. However, i am not sure whether i should let my app immediately connect to the target website or it should get the info through my web server using a simple PHP script (JSON).
Actually I am using Jsoup to get the information and I tried both and they worked perfectly ( immediate and PHP) using Jsoup. However, I have not published my app yet due to the confusion aforementioned.
Use the web service. If your client has logic to parse the HTML, it can break when the web page changes. The web service can absorb this change and make corrections, but your client cannot. Not unless you release another version of your app, and that can be a pain.
This is more general design kind of question. My major project is to create native app for Firefox OS. Which therefor means JavaScript, jQuery, HTML5 and css. This application should have several functions. But as a general design goes I need local html,css,js application running under firefox OS with ability to access server php scripts and mysql db, but because application is running on client side, I have a major problem with communication between application and server. Which technology, language, API or JS functions could I use for Login check, registration, messaging. How can I access server from local (on PC or Mobile Device) files. There is possibility that I'm missing some point or that my whole understanding of the problem is wrong, but is this possible and how?
Apps are built using standard Web technologies with additional metadata that allows the User Agent to discover, install, launch, and grant them additional privileges.
So says MDN.
The usual way to interact with remote, shared databases is to place a RESTful HTTP front end in front of them and access that with JavaScript/XMLHttpRequest.
XHR, WebSocket or TCPSocket.
FYR:
https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest
https://developer.mozilla.org/en/docs/WebSockets
There is no TCPSocket document on MDN, but you can study gaia email app.
https://raw.github.com/mozilla-b2g/gaia/master/apps/email/js/ext/gaia-email-opt.js
I have developed a website application that includes a custom built CMS and PayPal payments etc...
My client already has hosting for his main website via the developer of that site.
I wish to host the new application under a subdomain such as:
application.website.com
I have reservations about storing my complete source code on the other web designers server.
Is there a way that the code can remain on my server but with the required subdomain or somehow password protect the folder?
Thanks for the help.
You might be able to store your source code on your server and use the PHP include function to get the pages on your client's website to use the code on your server. I've not tried this so it may not be possible for PHP to communicate between two servers like this, but give it a go and see what happens.